﻿<%
'Session.CodePage=936
'Response.Charset="gb2312"

Session.CodePage=65001
Response.Charset="utf-8"

if trim(session("validateCode")) <> trim(Request("txt_check")) then
ErrorMessage = "请输入正确的验证码"
response.write(" <script>alert('"&ErrorMessage&"');location.href='login.asp'</script>")
response.end
end if

Dim conn,rs
	Set conn=Server.CreateObject("ADODB.Connection")
	Set rs=Server.CreateObject("ADODB.RecordSet")
'sql="select * from userInfo where userName='"&request.Form("username")&"'"
conn.Open "Driver={Microsoft Access Driver (*.mdb)}; DBQ="+server.mappath("data.mdb")
'sql="select count(*) from userInfo where userName='"&request.Form("username")&"'"
sql="select * from userInfo where username='"&request.Form("username")&"'"

rs.open sql,conn,1,1
if rs.eof then 
	'response.Write"{success:false,message:'登录失败!你输入的帐号或密码不正确!'}"
	response.Write "<script>alert(""登录失败!您输入的用户名或密码不正确!请重新登录"");location.href='login.asp';</script>"
else
	userName=trim(request.Form("username"))
	password=request.Form("userpass")
	loginType=request.Form("loginType")
	
	if password=rs("password") then 
		session("login")="ok"
		session("type")=rs("id")
		session("admin")=rs("userName")
		session("p")=rs("p")
		session("v1")=rs("v1")
		session("userPhoneInfo")="[]"
		
		if loginType = "管理" then
			response.Write "<script>location.href='admin.asp';</script>"
		else
			response.Write "<script>location.href='search.asp';</script>"
		end if
		'response.Redirect("manage.asp")
	else
		'response.Write "{success:false,message:'登录失败!你输入的密码不正确!'}"
		response.Write "<script>alert(""登录失败!您输入的用户名或密码不正确!请重新登录"");location.href='login.asp';</script>"
		'response.Write"本页为管理员专用页面"
	end if
end if
%>